Studying VXLAN (1)

Checking whether VXLAN can be built in GNS3, using the following as a reference.

gblogs.cisco.com

The Nexus 9000 images I have are unstable when several are run together, so first, without thinking too hard, I checked on a single unit whether the config would be rejected.

switch(config)# do sh version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
Copyright (c) 2002-2017, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.

Nexus 9000v is a demo version of the Nexus Operating System

Software
BIOS: version
NXOS: version 7.0(3)I7(1)
BIOS compile time:
NXOS image file is: bootflash:///nxos.7.0.3.I7.1.bin
NXOS compile time: 8/31/2017 14:00:00 [08/31/2017 22:29:32]


Hardware
cisco Nexus9000 9000v Chassis
with 4037704 kB of memory.
Processor Board ID 9DCWSR91V6X

Device name: switch
bootflash: 3509454 kB
Kernel uptime is 0 day(s), 1 hour(s), 22 minute(s), 48 second(s)

Last reset
Reason: Unknown
System version:
Service:

plugin
Core Plugin, Ethernet Plugin

Active Package(s):

switch(config)#

Entering the config as described in the procedure, I got as far as the VLAN-to-VXLAN mapping.

switch# sh vxlan
Vlan VN-Segment
==== ==========
10   30010
switch# sh
          ^
% Incomplete command at '^' marker.
switch# sh nve vni
Codes: CP - Control Plane        DP - Data Plane
       UC - Unconfigured         SA - Suppress ARP
       SU - Suppress Unknown Unicast

Interface VNI      Multicast-group   State Mode Type [BD/VRF]      Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1      30010    UnicastBGP        Up    CP   L2 [10]

 

Also checked the EVPN state.

switch# sh bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 3, Local Router ID is 10.0.10.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup

   Network            Next Hop            Metric     LocPrf     Weight Path
Route Distinguisher: 10.0.10.1:32777    (L2VNI 30010)
l[3]:[0]:[32]:[10.0.20.3]/88
                      10.0.20.3                         100      32768 i

I tried to create an L3 VNI, but gave up because an SVI could not be created.

switch(config)# interface vlan1
                          ^
Invalid interface format at '^' marker.
switch(config)# in
install    interface
switch(config)# interface ?
  ethernet      Ethernet IEEE 802.3z
  loopback      Loopback interface
  mgmt          Management interface
  nve           NVE interface
  port-channel  Port Channel interface

switch(config)# interface

Note: I also tried this on the Nexus 7k I have on hand, but LACP would not run, so I gave up.

Building STP with Cisco Nexus on GNS3

1. Test items

Configure STP and get pings through between R1 and R2.

2. Physical topology

[figure: physical topology diagram]

3. Test results

Configured STP and confirmed ping reachability between R1 and R2.

SW1# sh spanning-tree

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    32769
             Address     00b9.40d4.7d2f
             This bridge is the root
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     00b9.40d4.7d2f
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Eth2/1           Desg FWD 4         128.257  P2p
Eth2/2           Desg FWD 4         128.258  P2p
Eth2/10          Desg FWD 4         128.266  P2p

 

SW2# sh spanning-tree

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    32769
             Address     00b9.40d4.7d2f
             Cost        4
             Port        257 (Ethernet2/1)
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     00b9.40f6.a02f
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Eth2/1           Root FWD 4         128.257  P2p
Eth2/2           Altn BLK 4         128.258  P2p
Eth2/10          Desg FWD 4         128.266  P2p
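As an added example (not part of the original lab notes), a small Python checker that parses the two `sh spanning-tree` outputs above and flags the inconsistencies worth alerting on: the switches disagreeing about the root bridge, more than one switch claiming to be root, a non-root switch without exactly one root port, or an alternate port that is forwarding instead of blocking. The sample strings are trimmed copies of the SW1/SW2 outputs; the function and regex names are my own.

```python
import re

# Constructed sample input: the SW1/SW2 "sh spanning-tree" outputs above, trimmed.
SW1 = """\
  Root ID    Priority    32769
             Address     00b9.40d4.7d2f
             This bridge is the root
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     00b9.40d4.7d2f
Interface        Role Sts Cost      Prio.Nbr Type
Eth2/1           Desg FWD 4         128.257  P2p
Eth2/2           Desg FWD 4         128.258  P2p
Eth2/10          Desg FWD 4         128.266  P2p"""
SW2 = """\
  Root ID    Priority    32769
             Address     00b9.40d4.7d2f
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     00b9.40f6.a02f
Interface        Role Sts Cost      Prio.Nbr Type
Eth2/1           Root FWD 4         128.257  P2p
Eth2/2           Altn BLK 4         128.258  P2p
Eth2/10          Desg FWD 4         128.266  P2p"""
MAC_RE = re.compile(r"Address\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})")
PORT_RE = re.compile(r"^(Eth\S+)\s+(\w+)\s+(\w+)\s+\d+\s+\d+\.\d+", re.M)

def parse_stp(text):
    """Root/bridge MAC, whether this bridge claims root, and (port, role, state) tuples."""
    addrs = MAC_RE.findall(text)  # first Address line is Root ID, second is Bridge ID
    return {"root": addrs[0], "bridge": addrs[1], "ports": PORT_RE.findall(text),
            "is_root": "This bridge is the root" in text}

def check_topology(outputs):
    """Return findings for {switch: output}; an empty list means the outputs are consistent."""
    parsed = {sw: parse_stp(txt) for sw, txt in outputs.items()}
    findings = []
    roots = {p["root"] for p in parsed.values()}
    if len(roots) != 1:  # every switch must agree on who the root is
        findings.append("switches disagree on the root bridge: %s" % sorted(roots))
    claimants = [sw for sw, p in parsed.items() if p["is_root"]]
    if len(claimants) != 1:  # two roots means a split domain or a rogue bridge
        findings.append("expected one root claimant, got %s" % claimants)
    for sw, p in parsed.items():
        root_ports = [n for n, role, _ in p["ports"] if role == "Root"]
        if not p["is_root"] and len(root_ports) != 1:
            findings.append("%s has %d root ports" % (sw, len(root_ports)))
        for n, role, sts in p["ports"]:
            if role in ("Altn", "Back") and sts == "FWD":  # redundant link not blocked
                findings.append("%s %s is %s but forwarding (loop risk)" % (sw, n, role))
    return findings
```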

 

Cisco7200-1#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/24/36 ms

Cisco7200-2#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/35/36 ms

4. Test notes

Pings are sometimes lost in the following way. After I removed one of the two cables between the Nexus switches, ran the ping test, and then reconnected the cable, pings went through again. Is this a GNS3 processing issue?

・Removed the MAC address that had been configured on each interface with the following command.

SW1(config)# int e2/1-48
SW1(config-if-range)# no mac-address

5. Config of each device

Config of Nexus-SW1 (unrelated interfaces omitted)

!Command: show running-config
!Time: Sun May 13 12:02:46 2018

version 7.3(0)D1(1)
power redundancy-mode redundant

hostname SW1
vdc SW1 id 1
limit-resource module-type m1 m1xl m2xl f2e
allocate interface Ethernet2/1-48
allocate interface Ethernet3/1-48
allocate interface Ethernet4/1-48
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 96 maximum 96
limit-resource u6route-mem minimum 24 maximum 24
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

username admin password 5 $5$Otc7T0NC$K.ulnSZnSyXLrTGNBdtLgZJXEa8EeNx.BrdZ98XyK2C role network-admin
no password strength-check
ip domain-lookup
vlan dot1Q tag native
system default switchport
system jumbomtu 0
no logging event trunk-status enable
copp profile strict
snmp-server user admin auth md5 0x328945d53e05e8e7207f8c20b142f0b7 priv 0x328945d53e05e8e7207f8c20b142f0b7 localizedkey engineID 128:0:0:9:3:0:0:0:0:0:0
rmon event 1 log description FATAL(1) owner PMON@FATAL
rmon event 2 log description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log description ERROR(3) owner PMON@ERROR
rmon event 4 log description WARNING(4) owner PMON@WARNING
rmon event 5 log description INFORMATION(5) owner PMON@INFO
snmp-server enable traps link

vlan 1

vrf context management

interface mgmt0
vrf member management

interface Ethernet2/1
switchport
no shutdown

interface Ethernet2/2
switchport
no shutdown

interface Ethernet2/3
shutdown
no switchport

interface Ethernet2/4
shutdown
no switchport

interface Ethernet2/5
shutdown
no switchport

interface Ethernet2/6
shutdown
no switchport

interface Ethernet2/7
shutdown
no switchport

interface Ethernet2/8
shutdown
no switchport

interface Ethernet2/9
shutdown
no switchport

interface Ethernet2/10
switchport
no shutdown

interface Ethernet2/11
shutdown
no switchport

interface Ethernet4/48
shutdown
no switchport
line console
line vty
boot kickstart bootflash:/titanium-d1-kickstart.7.3.0.D1.1.bin
boot system bootflash:/titanium-d1.7.3.0.D1.1.bin
no system default switchport shutdown

Config of Nexus-SW2 (unrelated interfaces omitted)

SW2# sh run

!Command: show running-config
!Time: Sun May 13 12:53:09 2018

version 7.3(0)D1(1)
power redundancy-mode redundant

hostname SW2
vdc SW2 id 1
limit-resource module-type m1 m1xl m2xl f2e
allocate interface Ethernet2/1-48
allocate interface Ethernet3/1-48
allocate interface Ethernet4/1-48
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 96 maximum 96
limit-resource u6route-mem minimum 24 maximum 24
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

username admin password 5 $5$Otc7T0NC$K.ulnSZnSyXLrTGNBdtLgZJXEa8EeNx.BrdZ98XyK2C role network-admin
no password strength-check
ip domain-lookup
vlan dot1Q tag native
system default switchport
system jumbomtu 0
no logging event trunk-status enable
copp profile strict
snmp-server user admin auth md5 0x328945d53e05e8e7207f8c20b142f0b7 priv 0x328945d53e05e8e7207f8c20b142f0b7 localizedkey engineID 128:0:0:9:3:0:0:0:0:0:0
rmon event 1 log description FATAL(1) owner PMON@FATAL
rmon event 2 log description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log description ERROR(3) owner PMON@ERROR
rmon event 4 log description WARNING(4) owner PMON@WARNING
rmon event 5 log description INFORMATION(5) owner PMON@INFO
snmp-server enable traps link

vlan 1

vrf context management

interface mgmt0
vrf member management

interface Ethernet2/1
switchport
no shutdown

interface Ethernet2/2
switchport
no shutdown

interface Ethernet2/3
shutdown
no switchport

interface Ethernet2/4
shutdown
no switchport

interface Ethernet2/5
shutdown
no switchport

interface Ethernet2/6
shutdown
no switchport

interface Ethernet2/7
shutdown
no switchport

interface Ethernet2/8
shutdown
no switchport

interface Ethernet2/9
shutdown
no switchport

interface Ethernet2/10
switchport
no shutdown

interface Ethernet2/11
shutdown
no switchport

interface Ethernet4/48
shutdown
no switchport
line console
line vty
boot kickstart bootflash:/titanium-d1-kickstart.7.3.0.D1.1.bin
boot system bootflash:/titanium-d1.7.3.0.D1.1.bin
no system default switchport shutdown

Config of Cisco7200-1

Cisco7200-1#sh run
Building configuration...

Current configuration : 1250 bytes
!
version 12.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco7200-1
!
!
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
!
!
ip tcp synwait-time 5
no ip domain-lookup
ip ssh time-out 120
ip ssh authentication-retries 3
no mpls traffic-eng auto-bw timers frequency 0
!
!
!
!
interface FastEthernet0/0
no ip address
no ip directed-broadcast
shutdown
!
interface GigabitEthernet1/0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
negotiation auto
!
interface GigabitEthernet2/0
no ip address
no ip directed-broadcast
shutdown
negotiation auto
!
interface FastEthernet3/0
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet3/1
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet4/0
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet4/1
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
ip classless
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end

 

 

Config of Cisco7200-2

Cisco7200-2#sh run
Building configuration...

Current configuration : 1250 bytes
!
version 12.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco7200-2
!
!
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
!
!
ip tcp synwait-time 5
no ip domain-lookup
ip ssh time-out 120
ip ssh authentication-retries 3
no mpls traffic-eng auto-bw timers frequency 0
!
!
!
!
interface FastEthernet0/0
no ip address
no ip directed-broadcast
shutdown
!
interface GigabitEthernet1/0
ip address 192.168.1.2 255.255.255.0
no ip directed-broadcast
negotiation auto
!
interface GigabitEthernet2/0
no ip address
no ip directed-broadcast
shutdown
negotiation auto
!
interface FastEthernet3/0
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet3/1
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet4/0
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
interface FastEthernet4/1
no ip address
no ip directed-broadcast
shutdown
speed 100
half-duplex
!
ip classless
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end

Reading a book on internal auditing (1)

It's that time of year again for the ISMS/PMS internal audit.

The book's theme is ISO 9001, but I read it in order to carry out internal audits of other organizations.

Title: ファシリテーション技法を使ったマネジメントシステム内部監査 (Management System Internal Auditing Using Facilitation Techniques)

Author: 山上 裕司

Publisher: システム規格社

Available on Kindle Unlimited.

■ Points I found useful

・"ISO 9001 sets out an external context and an internal context. Try creating a business context landscape that summarizes the context, inputs and outputs for each business activity."

→ This works well as material for explaining internal operations during an external audit.

■ Points I did not find useful

・"The understanding of the certification game differs. For Japanese people, activity that follows the standard is what matters, whereas in foreign-affiliated organizations the activity is to use the standard for the organization's benefit."

→ Fair enough, but in my experience the IT department treats "zero findings" as absolute, even for internal audits. When we are even told "prepare stand-ins who have memorized the manual for the interviews," "using the standard" is impossible. A department that receives a finding is forced to supply one more ISMS/PMS member than the previous year. Both sides are afraid of losing time for their real work, so the internal audit in particular is handled timidly.

■ Notes

・"In the construction industry, obtaining ISO certification raises the score in the management items examination (keiei jikō shinsa)."

→ What about the telecom industry? We always work on this at the IT department's direction, but is there any visible benefit?

Cannot access a nested ESXi 6.7 with vSphere Client...

To operate a Nexus 1000v, I'm going to install the following.

I'll try it in a nested configuration.

The installation method below is easy to follow.

qiita.com

Unlike the site I referenced, ESXi is now at 6.7, but the procedure was exactly the same. Loading the downloaded ISO file into VMware Workstation 12 Player starts the installation.

Older versions of ESXi can also be downloaded.

After the installation finished, I started ESXi.

Entered the address shown on the console, http://192.168.223.153, into the browser, then entered the root password set during installation (8 or more characters, including digits, uppercase letters and symbols).

Access from the browser completed.

Downloaded VMware vSphere Client 6.0 from the following.

VMware Knowledge Base

Extracted and installed "VMware-viclient-all-6.0.0-2502222.exe" and tried to access ESXi, but it was not possible.

Can the vSphere Client not be used with a nested configuration?

Reference sites:

qiita.com

vm.study234.com